CVE-2020-7045
MEDIUMWireshark 3.0.0-3.0.7 - Denial of Service via BT ATT Dissector
Title source: llmDescription
In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes.
References (4)
Core 4
Core References
Exploit, Issue Tracking, Patch, Vendor Advisory x_refsource_misc
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16258
Patch x_refsource_misc
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=01f261de41f4dd3233ef578e5c0ffb9c25c7d14d
Vendor Advisory x_refsource_misc
https://www.wireshark.org/security/wnpa-sec-2020-02.html
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html
Scores
CVSS v3
6.5
EPSS
0.0024
EPSS Percentile
47.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (2)
debian/debian_linux
9.0
wireshark/wireshark
3.0.0 - 3.0.8
Published
Jan 16, 2020
Tracked Since
Feb 18, 2026